What Happens To Your Files When a Cloud Service Shuts Down?

MrSeb writes "Megaupload's shutdown poses an interesting question: What happens to all the files that were stored on the servers? XDA-Developers, for example, has more than 200,000 links to Megaupload — and this morning, they're all broken, with very little hope of them returning. What happens if a similar service, like Dropbox, gets shut down — either through bankruptcy, or federal take-down? Will you be given a chance to download your files, or helped to migrate them to another similar service? What about data stored on enterprise services like Azure or AWS — are they more safe?" And if you're interested, the full indictment against Megaupload is now available.

Not an issue for Dropbox

[OnTheEdge]

Good question, but it's not really an issue for Dropbox as that service maintains full local copies on each of the computers I have on my account.

Isn't it obvious?

[tlhIngan]

It goes away. Hope you had a backup.

If you're lucky, the cloud provider may provide you with a one-time access to your account, but isn't it far safer to assume that if your cloud provider goes down, you've lost everything you put in? Not just data, either - if you've prepaid your account, you probably lost all that stored value as well.

Cloud storage providers especially. What happens if your hard drive dies? You lose the data. What happens if your backup tapes fail - you've lost the backup. What happens if your dropbox/skydrive/etc. disappear? You've lost your files.

All those XDA Developer links? Gone. hope the original authors are still around to upload them elsewhere or that someone downloaded it and can upload it.

Cloud providers make us lazy - we think "it'll always be around and I can grab it later". Turns out later can disappear - perhaps temporary (e.g., your or their internet connection dies), or permanently. But it's really just the same as storing files locally - there's a chance the storage may fail.

This is why you can't rely on cloud services

[SirGarlon]

The possibility that a cloud service can go offline quite suddenly should be a major factor in your decision whether to use the service at all, and the extent to which you'll rely on it. The customer agreement for Amazon Web Services [amazon.com] is better than I might expect because it says they will notify you if the service goes dark, but that might be small comfort if you are not prepared for a sudden migration.

Re:PIPA/SOPA Backlash

[gnasher719]

I would not be in the least bit surprised if a class action suit against the government (or something of that nature) was launched from all those who had legitimate files on Megaupload. Imagine if the USG shut down Youtube when it was first starting up. But truthfully, we are as a society held to the laws we make. To quote a lawyer once while I was in court, "If people don't like the laws, they should change them."

What are you smoking? First, you can't sue the government (easily). Second, the ones to sue are the people running Megaupload. If you had a valid contract with them to give them money so they store your data, then it was _their_ duty to ensure your data is safe. One part of their duty is to not commit illegal activities that gets them closed down.

Re:Question

[Caerdwyn]

For the same reason that some suspects are kept in jail pending their trial: it is considered highly likely by the judge presiding over the case that the criminal activity would continue, or evidence be destroyed. "Due process" includes that decision, and the prosecution and defendant both state their position before the judge makes that decision. That stage has passed.

BTW, I read the complaint. The core of the accusations are twofold: first that the Megaupload folks willfully hosted infringing content (thus losing the safe harbor protections that shield other hosting services); they knew and did nothing. Second, that through other businesses and websites they controlled, the Megaupload folks deliberately solicited infringing content and directed it to Megaupload (hence the "conspiracy" charges, which mean something very specific and not necessarily the tinfoil hats and black helicopters so popular among bloggers who think they know the meaning of a word). If those complaints are true (and none of us here knows that or will decide that; we are not the jury, and we are not seeing the evidence), then yeah, they're gonna go to jail and be stripped of every penny they own. That's reality, regardless of whether Anonymous, Slashdot, or anyone else likes it or not.

I just read the full indictment

[sandytaru]

Those emails are pretty damning, especially the ones specifying payments to users for providing illegal content. To paraphrase: "User X has 10 great, DVD ripped copies of some popular movies, let's send him a check for five grand." If anything, though, this is proof that the existing law is working as intended and we really don't need any additional bills to go through to crack down on piracy.

Re:Evidence

[hedwards]

No they haven't, they just don't rubber stamp them the way that they do in some places. If you really want to be safe go to Ireland, they rarely extradict anybody to the US. The last time I heard of them doing it was somebody that had killed 3 people in a drunk driving crash. Before that it had been literally years since they extradited anybody at all to the US.

Re:Evidence

[betterunixthanunix]

those folks really should have chosen a service that encrypts the copies on the server.

Right, because you can trust them not to decrypt everything for the government:

http://digital-lifestyles.info/2007/11/09/hushmail-opens-emails-to-us-dea/ [digital-lifestyles.info]

Re:Evidence

[racermd]

The actual answer is (as always) to have backups of anything you feel is important. If the data is important enough, you make multiple backups to different kinds of media and store them in different places.

And, with any backup solution, one must plan for contingencies. Now that MU is offline, and the other personal file uploading sites are in danger of the same scrutiny/takedown, maybe it's time to roll your own private cloud with friends and family as storage nodes. They host your files, you host theirs. Model it after a weird hybrid bittorrent/RAID setup. That whole Storage Spaces thing from Microsoft would be a good model if it can be scaled to the network layer. The loss of any node would not bring down the entire storage pool and would allow itself enough time to re-balance the load among the remaining nodes.

Obviously, there are some logistics concerns with this method. However, a private cloud like this would certainly survive the antics of a jilted media conglomerate (or a cabal of them). And, as it would be a backup solution to data you are already keeping elsewhere (right?), it wouldn't be the only copy of the data in the event the cloud goes down.

Re:Evidence

[Speare]

Copying is not theft. Jefferson said "he who lights a taper from me, receives light without darkening me."

But destruction of your only copy IS theft. "He who snuffs my own taper while it's sitting on the shelf where I intentionally left it for access later DOES darken me."

Sure, some people use cloud storage as a way to transfer files from point A to point B, ending up with three copies: A's, cloud's, and B's. But many people use cloud storage for... you know... storage. Archives. Record-keeping. Zero copies at home, one archive copy in the cloud. This is a real danger of cloud services, and governmental shuttering of sites is only one way that a cloud can fail.

Re:Evidence

[sulimma]

The EU currently is evaluating whether all extradictions to the US will be stopped because the bradley manning case shows that suspects in the US are not safe from torture. (Long periods of isolation are torture according to international standards)

Re:Is it an interesting question...

[jimicus]

Tape has terrible random access speed but any half-decent LTO tape drive can move data as fast as - if not faster than - most hard disks.

Re:Evidence

[Sentrion]

"...roll your own private cloud with friends and family as storage nodes. They host your files, you host theirs. Model it after a weird hybrid bittorrent/RAID setup..."

Once the FBI and **AA's find out your "rolling your own" underground clandestine P2P under-the-radar private information (translated into "intelligence" by the agency) sharing (translated into "espionage") system they will for sure decide that you are a terrorist/spy and send a drone to take out your network and your family.

They probably already have sniffers searching for this activity while we speak. ** Puts on tinfoil hat **

On-line back-ups are the worst example...

[Anonymous Brave Guy]

The actual answer is (as always) to have backups of anything you feel is important.

Ironically, the specialist on-line back-up services seem to be among the worst offenders in terms of guarantees.

For example, we looked into this a few months ago, and one huge and very well known back-up service had Ts & Cs that seemed to say (quite clearly, IIRC) that if they decided to close down the service for any reason then they would have no obligation in terms of granting customers data access beyond letting you download what you could over the next 3 days. On a fully saturated leased line, with no-one else hitting their servers at the same time, you still couldn't download the volume of data that even their entry-level business packages supported within that time frame! And clearly in practice not everyone has a handy leased line available and it is highly unlikely that the back-up service's servers would stand up to their entire customer base trying to do that at once. They normally offer other ways to retrieve your data en masse if necessary, such as posting it on discs for a small fee, but those options all stop as soon as they announce the closure. Basically, they offer a back-up service that can disappear at any time without giving you a chance to retrieve everything, so better hope your office doesn't burn down around the time they decide to do that, then.

We didn't take out a contract. We did notice that while the above was the worst case of not really providing the advertised service at all, several of the other big name specialist off-site back-up services didn't seem to be much better. None of them actually promised to take steps such that even if they had to shut down at short notice for any reason there was a always a credible plan in place to get your data back to you.

One of my colleagues made a strong case that we should use something like encrypted files uploaded to AWS if we wanted cloud back-ups, for the simple reason that Amazon make most of their money elsewhere but rely on AWS themselves as well, which with their scale means it is inconceivable that the service would be shut off with the loss of data before we had chance to retrieve it. In the end, we decided (as we have with most other cloud services) that the whole idea didn't live up to the hype, and we opted to lease a dedicated server housed in someone else's data centre and we basically just do an automatic rsync from our normal servers to the back-up with suitable levels of encryption applied throughout.